Rust: address comments

Author: aibaars

rust/ql/lib/codeql/rust/Concepts.qll

@@ -269,14 +269,7 @@ module Cryptography {
 
 /** Provides classes for modeling path-related APIs. */
 module Path {
-  /**
-   * A data-flow node that performs path normalization. This is often needed in order
-   * to safely access paths.
-   */
-  class PathNormalization extends DataFlow::Node instanceof PathNormalization::Range {
-    /** Gets an argument to this path normalization that is interpreted as a path. */
-    DataFlow::Node getPathArg() { result = super.getPathArg() }
-  }
+  final class PathNormalization = PathNormalization::Range;
 
   /** Provides a class for modeling new path normalization APIs. */
   module PathNormalization {

rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll

@@ -720,6 +720,15 @@ module RustDataFlow implements InputSig<Location> {
     not isSpecialContentSet(cs)
   }
 
+  /**
+   * Holds if `cs` is used to encode a special operation as a content component, but should not
+   * be treated as an ordinary content component.
+   */
+  private predicate isSpecialContentSet(ContentSet cs) {
+    cs instanceof TOptionalStep or
+    cs instanceof TOptionalBarrier
+  }
+
   pragma[nomagic]
   private predicate fieldAssignment(Node node1, Node node2, FieldContent c) {
     exists(AssignmentExprCfgNode assignment, FieldExprCfgNode access |
@@ -1110,16 +1119,6 @@ private module Cached {
       name = any(FlowSummaryImpl::Private::AccessPathToken tok).getAnArgument("OptionalBarrier")
     }
 
-  /**
-   * Holds if `cs` is used to encode a special operation as a content component, but should not
-   * be treated as an ordinary content component.
-   */
-  cached
-  predicate isSpecialContentSet(ContentSet cs) {
-    cs instanceof TOptionalStep or
-    cs instanceof TOptionalBarrier
-  }
-
   /** Holds if `n` is a flow source of kind `kind`. */
   cached
   predicate sourceNode(Node n, string kind) { n.(FlowSummaryNode).isSource(kind, _) }

rust/ql/src/queries/security/CWE-022/TaintedPath.ql

@@ -22,20 +22,11 @@ import codeql.rust.security.TaintedPathExtensions
 import TaintedPathFlow::PathGraph
 private import codeql.rust.Concepts
 
-abstract private class NormalizationState extends string {
-  bindingset[this]
-  NormalizationState() { any() }
-}
-
-/** A state signifying that the file path has not been normalized. */
-class NotNormalized extends NormalizationState {
-  NotNormalized() { this = "NotNormalized" }
-}
-
-/** A state signifying that the file path has been normalized, but not checked. */
-class NormalizedUnchecked extends NormalizationState {
-  NormalizedUnchecked() { this = "NormalizedUnchecked" }
-}
+newtype NormalizationState =
+  /** A state signifying that the file path has not been normalized. */
+  NotNormalized() or
+  /** A state signifying that the file path has been normalized, but not checked. */
+  NormalizedUnchecked()
 
 /**
  * This configuration uses two flow states, `NotNormalized` and `NormalizedUnchecked`,

rust/ql/test/query-tests/security/CWE-022/options.yml

@@ -1,3 +1,2 @@
-qltest_cargo_check: true
 qltest_dependencies:
     - poem = { version = "3.1.7" }